I'm working on setting up Windows Deployment Services on a Windows Server 2003 machine. In my exploration of the various options for configuring this system, I wanted to learn the difference between known and unknown client computers. As I understand it, a known client computer has already had an account added to the domain for that computer, while an unknown does not yet have an account added.

Exploring then how machine accounts are added to the domain before the machine itself connects to that domain, I come upon the concept of a managed versus an unmanaged machine. So far as I can tell, a managed machine must have a GUID set up in the BIOS somewhere while an unmanaged machine does not need this GUID. But I fail to find any reference to what other differences there are between a managed machine and an unmanaged one.

What are the benefits and/or differences of an unmanaged versus a managed machine on an Active Directory Domain?

1 Answer
1

A "managed" computer is known to WDS, and follows the policies and configuration set up for known computers. An "unmanaged" computer is a member of the AD domain, but not known to WDS, so when PXE-booting to WDS, it follows policies for a new / unknown client.

So managed and unmanaged are only applicable in the WDS configuration? As in, I'd set a UUID in the BIOS for each machine I get in, create a machine domain account and enter that UUID during the process, and then when the machine PXE boots and uses WDS it'll be assigned directly to that domain account?
– music2myear, Aug 5 '11 at 20:38

1

That's my understanding, yes. Actually, part of the UUID is the network adapter's MAC address - that detail caused me some surprise when I switched out a NIC and expected that machine to regain its old hostname and domain account...
– Andreas Turriff, Aug 5 '11 at 20:43

Yes, I saw that as an option for automated naming. Our naming convention doesn't use the MAC address though. I'm not aware of a company that does use the MAC address for naming.
– music2myear, Aug 5 '11 at 20:51

1

Not naming - this may have been a braindead implementation for GUID. The BIOS would report the system GUID as its preconfigured GUID, with the last 48 bits XOR'd with the active (PXE booting) NIC's MAC address. As a result, WDS thought it was dealing with a new client on a NIC change on that machine. Haven't had occasion to test this on other boxes, though.
– Andreas Turriff, Aug 5 '11 at 20:55

Interesting. Thank you for the clarification.
– music2myear, Aug 5 '11 at 20:56
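The following is an added example, not part of the original thread and not WDS code: it models the behaviour described in the comments above, where the firmware reports a GUID whose last 48 bits are XOR'd with the PXE-booting NIC's MAC address, and shows how a NIC swap turns a known client into an apparently new one. The function names, the dictionary standing in for the list of known clients, the bit order of the XOR, and all GUID, MAC and host name values are assumptions constructed for illustration.

```python
import uuid

def mac_to_int(mac: str) -> int:
    """Parse 'aa:bb:cc:dd:ee:ff' or 'aa-bb-...' into a 48-bit integer."""
    digits = mac.replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return int(digits, 16)

def reported_guid(base: uuid.UUID, mac: str) -> uuid.UUID:
    """GUID presented at PXE boot under the scheme described in the comment
    (assumption: the MAC is XORed into the low 48 bits of the 128-bit value)."""
    return uuid.UUID(int=base.int ^ mac_to_int(mac))

def classify(guid: uuid.UUID, known: dict) -> tuple:
    """Match a PXE client's GUID against the known-client table.

    Exact match: 'known'. Same upper 80 bits as a known entry: 'nic-swap?',
    the likely cause of a machine unexpectedly showing up as new.
    Anything else: 'unknown'.
    """
    if guid in known:
        return ("known", known[guid])
    for known_guid, name in known.items():
        if (known_guid.int ^ guid.int) >> 48 == 0:
            return ("nic-swap?", name)
    return ("unknown", None)

# Constructed sample values, not taken from the thread.
BASE = uuid.UUID("12345678-9abc-4def-8123-a1b2c3d4e5f6")
OLD_MAC, NEW_MAC = "00:11:22:33:44:55", "00:11:22:66:77:88"
KNOWN = {reported_guid(BASE, OLD_MAC): "WS-0042"}

if __name__ == "__main__":
    for label, mac in (("original NIC", OLD_MAC), ("replaced NIC", NEW_MAC)):
        guid = reported_guid(BASE, mac)
        print(label, guid, classify(guid, KNOWN))
```

Comparing only the upper 80 bits is a diagnostic hint for an administrator reviewing unexpected new clients, not a safe basis for automatically reassigning a machine account.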